[Asterisk-Users] Asterisk Manager Interface Remote Buffer Overflow
Vulnerability
Matt Riddell
matt.riddell at sineapps.com
Sun Jun 26 08:40:40 MST 2005
Zoa wrote:
>
> Haha, fun.
>
>
> Why use the bufferoverflow if you already have the permissions to
> execute any linux command using the manager interface :p
LOL that's what I was thinking!
A couple of weeks ago I used the manager interface to recreate whole
files on a dead PC.
I ended up having problems with the ! mode and so used addexten to add
extensions that ran system commands to recreate the files when I dialled
a particular extension.
Took a while, but I got there in the end!
:)
Not that I'm complaining about people doing security audits though, it
must be nearly a year since the last lot was done.
--
Cheers,
Matt Riddell
_______________________________________________
http://www.sineapps.com/news.php (Daily Asterisk News - html)
http://www.sineapps.com/rssfeed.php (Daily Asterisk News - rss)
More information about the asterisk-users
mailing list